zhouck
just joined
Topic Author
Posts: 12
Joined: Wed Sep 06, 2023 2:45 pm

Allow access to Wireguard peer from WAN

Wed Sep 06, 2023 2:53 pm

Schema:

1. Mikrotik router with Wireguard server 172.16.1.1
2. Wireguard peer with address 172.16.1.2
3. Peer has RDP port 3389

I have added a rule: dstmap, protocol tcp, port 23389, with action netmap, To address 172.16.1.2, To ports 3389.
Whenever I try to access my_white_ip:23389 I get a timeout, but the packets counter is incremented.

So, question: should I add some extra rules? Port 3389 is available over Wireguard on the client. I have tested by connecting to another internal wireguard server on RPi4, and then I am able to connect to the peer (inside the wireguard network).
 
anav
Forum Guru
Posts: 22004
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Allow access to Wireguard peer from WAN

Wed Sep 06, 2023 5:07 pm

It is not clear what you are trying to achieve.
I think you are trying to wireguard into your MT router so that a user can access an RDP server on your LAN.

If so, then I would have to see the config to know why it's not working.

/export file=anynameyouwish (minus router serial number, public WAN IP information, keys, etc.)
 
zhouck
just joined
Topic Author
Posts: 12
Joined: Wed Sep 06, 2023 2:45 pm

Re: Allow access to Wireguard peer from WAN

Wed Sep 06, 2023 6:26 pm

I want to RDP from WAN (internet) to my server with a non-white IP.

The plan is:
* the server with the non-white IP makes a wireguard connection to the Mikrotik router (which has a white IP address)
* the Mikrotik sets up the rule to forward traffic from WAN to the wireguard peer
 
anav
Forum Guru
Posts: 22004
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Allow access to Wireguard peer from WAN

Wed Sep 06, 2023 6:44 pm

Draw a diagram. I have no idea what the heck a white IP is, for example.
I also have no clue what you are trying to accomplish; speak in terms of user traffic.

User needs to access X located at Y from location Z.

Not clear why RDP is needed, not clear why wireguard is needed, etc.
 
zhouck
just joined
Topic Author
Posts: 12
Joined: Wed Sep 06, 2023 2:45 pm

Re: Allow access to Wireguard peer from WAN

Wed Sep 06, 2023 9:51 pm

Image

white ip - real (not private) IP address. A lot of IPs in Ukraine are "gray" (behind the provider's NAT), so not reachable from the Internet.
 
anav
Forum Guru
Posts: 22004
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Allow access to Wireguard peer from WAN

Wed Sep 06, 2023 11:29 pm

Well, hmm, okay, so you have a mobile user (actor) that needs to reach either the main LAN (behind the MT) or some other still poorly described LAN.

Is this LAN behind a router as well? How does it connect to the internet? Does its upstream router have wireguard?
If not, how are you proposing this LAN connects to wireguard ???
 
zhouck
just joined
Topic Author
Posts: 12
Joined: Wed Sep 06, 2023 2:45 pm

Re: Allow access to Wireguard peer from WAN

Thu Sep 07, 2023 9:45 am

The other LAN has a "gray" (private) IP - behind the provider's NAT (something like 10.20.30.40).

So, the idea is to connect from this other LAN to the Mikrotik router (over Wireguard or another VPN), and then on the Mikrotik allow traffic redirect from the "wild" Internet to PCs in the other LAN.
 
anav
Forum Guru
Posts: 22004
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Allow access to Wireguard peer from WAN

Thu Sep 07, 2023 3:03 pm

All very doable if this grey router has wireguard capabilities, which you have not made clear.
If not, you should still be able to connect through the grey router from a PC on that LAN.
